What do professionals responsible for supporting privacy efforts typically care most about? 尽职尽责地保护委托给他们的个人信息.
Those professionals responsible for supporting privacy efforts should therefore prioritize effective enterprise data management because it is integral to safeguarding individual’s privacy. A well-structured data management framework works to ensure that personal 信息 is handled ethically and compliant with regulations, while fostering a culture of responsible data stewardship within 组织. 如果处理得当, 这加强了与利益相关者的信任, 在市场中发挥差异化作用, 提高对数据生态系统的可见性, 提高数据可靠性, 并优化可扩展性和创新进入市场的努力.
ISACA的书 隐私、安全和数字信任的应用数据管理 serves as a roadmap for the everyday practitioner looking to navigate this complex space. The primary audience for this book – privacy and data governance professionals supporting privacy efforts – will uncover the 1) components and practices to develop an effective data management program, 2) challenges that enterprises face when incorporating data management into privacy and 安全, 3)包括一个示例用例场景,将其带入生活.
有了这些信息, professionals will be better positioned to execute data management 并以保护隐私为目的, 安全与 数字的信任. 根据ISACA,“数字信任是对关系完整性的信心, 的相互作用, and transactions among providers and consumers within an associated digital ecosystem. 这包括人的能力, 组织, 流程, 信息, 以及创造和维护一个值得信赖的数字世界的技术. Digital trust requires strong privacy and 安全 programs that are supported by effective data management practices.”
Managing data effectively is a prerequisite to achieving privacy and 安全 goals. 没有强大的数据管理实践, 隐私保护计划将失败,安全风险将增加. A lack of 安全 creates vulnerability risk; not addressing privacy creates noncompliance risk; and both increase the probability of loss of revenue, 声誉与信任.
如何开发有效的数据管理程序
隐私、安全和数字信任的应用数据管理 将数据管理方法分解为八个关键策略:
- 数据策略
- 数据治理
- 元数据管理
- 标准化
- 数据操作
- 数据质量
- 平台与架构
- 支持流程
当以整体的方式结合时, 这些策略可以提高数据管理程序的成熟度, 并以保护隐私为目的, 安全, 数字信任.
一路上遇到挑战
但这并不一定是在公园里散步. Several substantial challenges can make achieving effective data management difficult, 包括但不限于:
- 组织性的
- 数据质量差
- 数据存储不当
- 对数据缺乏洞察力
- 数据操作中的快捷方式
- 遵守全球数据隐私法规
大多数, 如果不是全部, of the global data privacy laws and regulations require data to be managed effectively. 遵守这些法律法规, 组织必须首先了解他们收集的数据, 收藏的目的, 如何使用, 如何共享, 它是如何存储的, 它是如何被摧毁的, 等等....... Only after 组织 have a full understanding of their data ecosystem can they begin to implement effective controls to both protect data and preserve the ability of the data to achieve intended operational goals.
让一切都栩栩如生
那么实践者如何将这一切带入生活呢? 隐私、安全和数字信任的应用数据管理 focuses on the application of data management tactics with the intent to demonstrate value to the organization and directly impact 安全与 privacy in support of 数字的信任. Starting by highlighting the privacy engineering objectives from the National Institute of Standards and Technology’s An Introduction to 隐私 Engineering and Risk Management in Federal Systems,从业者对手头的任务变得很有针对性. 这些目标包括:
- Predictability; enabling reliable assumptions by individuals, 主人, 和操作员关于个人身份信息及其信息系统处理的信息
- Manageability; providing capabilities for granular administration of PII, 包括变更, 删除, 选择性披露
- Disassociability; enabling processing of PII or events without association to individuals or devices beyond the operational requirements of the system
It is worth nothing that while these objectives should be considered for any new system or technology that may collect, Store, 或传送个人资料, 它们不应被视为包罗万象, 而是一个起点. 例如,Jaap-Henk Hoepman的 隐私很难和其他七个神话 does a wonderful job debunking persistent myths surrounding data privacy while outlining privacy design strategies that system designers can apply now – worth a read for those wanting to dive deeper into this specific domain.
在介绍了这些目标之后, the book concludes with a closing section presenting a fictional use case of an organization wanting to use an 人工智能聊天机器人 协助某些业务活动. The example demonstrates in greater detail how to apply the eight introduced data management tactics for tangible benefit and how they support the defined objectives of privacy engineering. The use case is a topical illustration given the explosion of AI exploration, 目前正在采用和监管.
接下来该怎么办
If data is the new currency of business, then 组织 with better data management will excel. Digital trust is the foundation needed for a data-driven and connected environment. 信任对个人来说是必不可少的, 澳门赌场官方下载和社会广泛参与网上交易, 分享信息, 有效合作. 随着科技继续在我们的生活中扮演着关键的角色, building and maintaining 数字的信任 – via effective data management – becomes vital in safeguarding privacy, 预防网络威胁,促进负责任地使用技术.
隐私、安全和数字信任的应用数据管理 will be published in the coming weeks and should be on the 2024 reading list for any privacy and data governance professionals supporting privacy efforts and wanting to make a positive difference when it comes to safeguarding the personal 信息 entrusted to them.
